MastodonTech.de

Scott LairdYow! I've been running <a href="https://hachyderm.io/tags/Minisforum" class="mention hashtag" rel="nofollow noopener" target="_blank">#Minisforum</a> MS-A2 <a href="https://hachyderm.io/tags/VyOS" class="mention hashtag" rel="nofollow noopener" target="_blank">#VyOS</a> router performance benchmarks in the background for most of the weekend. I'll make a relatively small config, reboot, re-run the multi-hour NDR sweep with trex, lather, rinse, repeat.When I set the BIOS to "performance" power mode instead of "balanced" (the default), I notice that it spikes to drawing 185W from the wall and runs like a bat out of hell for 6 seconds before throttling itself back down to 155W.That's a spicy little mini PC -- I don't know how it expects to cool 185W. I mean, obviously it isn't, but it seems like a weirdly aggressive thing to even attempt.This is *obviously* optimized for gaming/desktop uses, where a 6s spike in performance followed by slowing back down is a good thing. It benchmarks fairly poorly this way, though. Dropping back to "balanced" seems to give much better numbers overall.I tried turning on AMD PBO, which will boost clock speeds even more when thermals permit it. Thermals didn't permit it. I'm running each test 3x, and with PBO I was seeing giant differences from run to run. Like 5.84/14.83/5.85 Mpps across 3 runs. In "balanced" mode without PBO it consistently got >15 Mpps, so enabling PBO isn't even slightly helpful.This box feels like it should be faster than it is on routing; it's clearly faster than my previously-measured numbers on this thing's Intel twin, but throughput doesn't seem to be linear with CPU load. At 80% of peak load, it's using something like 50% of its CPU, but increasing past that rapidly swamps the CPU.I saw similar with the Intel system, but I blamed it on Alder Lake's mix of P and E cores. The AMD model has 16 equal cores, so *that*'s not the problem.I'm not sure if I'm hitting kernel-tunable issues (I've found at least one so far), hardware-tunable issues (Mellanox *loves* knobs), cache-size issues, or memory-bandwidth issues.I probably have the tools to figure it out, though, so I'll leave tests running in the background for a day or two and keep making little tweaks to see what helps.

SalearlymanHey fellow sysadmin cosplay nerds, does anyone here use VyOS? I use VyOS as the main router for my home network and I just found out that a job for uploading backups to an off-site location is strangling my upstream bandwidth.I want to create a QOS / traffic shaping policy to treat this as bulk traffic - take up as much bandwidth as available but give priority to all other traffic.Is there a simple way to do this? I don't want to allocate a fixed bandwidth for it.<a href="https://cloudisland.nz/tags/HomeLab" class="mention hashtag" rel="nofollow noopener" target="_blank">#HomeLab</a> <a href="https://cloudisland.nz/tags/vyos" class="mention hashtag" rel="nofollow noopener" target="_blank">#vyos</a> <a href="https://cloudisland.nz/tags/sysadmin" class="mention hashtag" rel="nofollow noopener" target="_blank">#sysadmin</a>

JunicastAfter a couple of years of abstence I have to try <a href="https://chaos.social/tags/vyos" class="mention hashtag" rel="nofollow noopener" target="_blank">#vyos</a> once again. I have been also trying to go back to <a href="https://chaos.social/tags/opnsense" class="mention hashtag" rel="nofollow noopener" target="_blank">#opnsense</a> lately but it seems I like <a href="https://chaos.social/tags/linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#linux</a> based firewalls better, even though somehow <a href="https://chaos.social/tags/BSD" class="mention hashtag" rel="nofollow noopener" target="_blank">#BSD</a>'s <a href="https://chaos.social/tags/pf" class="mention hashtag" rel="nofollow noopener" target="_blank">#pf</a> is really good.

Scott LairdFeeling okay about progress on my <a href="https://hachyderm.io/tags/golang" class="mention hashtag" rel="nofollow noopener" target="_blank">#golang</a> <a href="https://hachyderm.io/tags/VyOS" class="mention hashtag" rel="nofollow noopener" target="_blank">#VyOS</a> config handling code. It can read and write all 3 forms of config (`show`, `set`, and the on-disk boot format), and I have a demo WASM app with a text area that I can paste `show` configs into and get them auto-converted to `set` configs.The next step is to bundle up a couple sample configs and add a template interface where you can specify which interfaces have LAN, WAN, etc, and what your IP address ranges look like. Then it'll auto-create a config for you.Yeah, this is doable without a full parser or WASM, but it's not a bad exercise. Plus this is inherently flexible in ways that strict text templating systems aren't.

Scott LairdToday's "fun" side project: working on a <a href="https://hachyderm.io/tags/golang" class="mention hashtag" rel="nofollow noopener" target="_blank">#golang</a> library for parsing <a href="https://hachyderm.io/tags/VyOS" class="mention hashtag" rel="nofollow noopener" target="_blank">#VyOS</a> router configs. VyOS"s config is Juniper-like, rather than IOS-like, which I like. However, like Junos, that means that it has (at least) 2 different formats: the block-structured `show configuration` output and the `set` format (`show | display set` in Junos, `show | commands` in VyOS) that can actually be pasted into a device.Right now, I can parse VyOS's block-structured configs into an AST and then dump the AST as `set` commands. The goal is to be able to parse and write all 3 of VyOS's config formats (its boot config format is *just* different enough to need its own code), to allow conversion between formats. The end goal is to be able to throw together a web app generating templatized starter configs that can convert between formats trivially.The other goal is to get some practice with Go generics and probably WASM.

Scott LairdYou know, <a href="https://hachyderm.io/tags/VyOS" class="mention hashtag" rel="nofollow noopener" target="_blank">#VyOS</a> really doesn't seem happy when you try to add 65,536 static routes to its config. Sorta slow.

MarekVyOS is unfortunately becoming more and more isolated. They now even have an EULA - doesn't that contradict the GNU GPL? I can understand the commercial interests behind it, but I think it's a shame.<a href="https://forum.vyos.io/t/doesnt-the-eula-contradict-the-gnu-gpl-is-vyos-stream-publicly-available/15756" rel="nofollow noopener" translate="no" target="_blank">https://forum.vyos.io/t/doesnt-the-eula-contradict-the-gnu-gpl-is-vyos-stream-publicly-available/15756</a><a href="https://blog.vyos.io/vyos-1.4.1-release" rel="nofollow noopener" translate="no" target="_blank">https://blog.vyos.io/vyos-1.4.1-release</a><a href="https://layer8.space/tags/VyOS" class="mention hashtag" rel="nofollow noopener" target="_blank">#VyOS</a> <a href="https://layer8.space/tags/BGP" class="mention hashtag" rel="nofollow noopener" target="_blank">#BGP</a> <a href="https://layer8.space/tags/FLOSS" class="mention hashtag" rel="nofollow noopener" target="_blank">#FLOSS</a> <a href="https://layer8.space/tags/OpenSource" class="mention hashtag" rel="nofollow noopener" target="_blank">#OpenSource</a> <a href="https://layer8.space/tags/FreeSoftware" class="mention hashtag" rel="nofollow noopener" target="_blank">#FreeSoftware</a>

AliveDevil<a href="https://tauri.earth/tags/VyOS" class="mention hashtag" rel="nofollow noopener" target="_blank">#VyOS</a> PSA: If you have Accept_ANY rules in Zone-based firewall, don't# set firewall global-options state-policy invalid action dropThis will just shortcut drop all new packets, sometimes.<a href="https://tauri.earth/tags/Router" class="mention hashtag" rel="nofollow noopener" target="_blank">#Router</a> <a href="https://tauri.earth/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#Linux</a>

AliveDevilSo … <a href="https://tauri.earth/tags/VyOS" class="mention hashtag" rel="nofollow noopener" target="_blank">#VyOS</a> people. What's your solution for monitoring link stability? E.g. latency, ICMP drops, etc.<a href="https://tauri.earth/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#Linux</a> <a href="https://tauri.earth/tags/Router" class="mention hashtag" rel="nofollow noopener" target="_blank">#Router</a> <a href="https://tauri.earth/tags/HomeLab" class="mention hashtag" rel="nofollow noopener" target="_blank">#HomeLab</a> <a href="https://tauri.earth/tags/SelfHosting" class="mention hashtag" rel="nofollow noopener" target="_blank">#SelfHosting</a>

AliveDevilThat urge to build a client app to configure <a href="https://tauri.earth/tags/VyOS" class="mention hashtag" rel="nofollow noopener" target="_blank">#VyOS</a>.<a href="https://tauri.earth/tags/Avalonia" class="mention hashtag" rel="nofollow noopener" target="_blank">#Avalonia</a> <a href="https://tauri.earth/tags/Desktop" class="mention hashtag" rel="nofollow noopener" target="_blank">#Desktop</a> <a href="https://tauri.earth/tags/CSharp" class="mention hashtag" rel="nofollow noopener" target="_blank">#CSharp</a>

ItzTrainI got tired of fussing with <a href="https://hachyderm.io/tags/FRR" class="mention hashtag" rel="nofollow noopener" target="_blank">#FRR</a> and trying to use it to do VRF's and routing as it really is geared towards Dynamic Routing! Back to <a href="https://hachyderm.io/tags/VyOS" class="mention hashtag" rel="nofollow noopener" target="_blank">#VyOS</a> for the <a href="https://hachyderm.io/tags/homelab" class="mention hashtag" rel="nofollow noopener" target="_blank">#homelab</a>. I am still using VRRP with 3 FFA routers on my <a href="https://hachyderm.io/tags/incus" class="mention hashtag" rel="nofollow noopener" target="_blank">#incus</a> hosts. So as long as my upstream router is up. I can reboot hosts all day long and no internet go down.<a href="https://hachyderm.io/tags/selfhosted" class="mention hashtag" rel="nofollow noopener" target="_blank">#selfhosted</a> <a href="https://hachyderm.io/tags/selfhosting" class="mention hashtag" rel="nofollow noopener" target="_blank">#selfhosting</a>

PaulThe <a href="https://social.pfzetto.de/tags/Vyos" class="mention hashtag" rel="nofollow noopener" target="_blank">#Vyos</a> firewall currently doesn't support SIIT-DC (Stateless IP/ICMP Translation for IPv6 Data Center Environments). Luckily there is a workaround to configure it anyway: <a href="https://pfzetto.de/blog/siit-dc-for-vyos" rel="nofollow noopener" translate="no" target="_blank">https://pfzetto.de/blog/siit-dc-for-vyos</a> <a href="https://social.pfzetto.de/tags/networking" class="mention hashtag" rel="nofollow noopener" target="_blank">#networking</a> <a href="https://social.pfzetto.de/tags/ipv6" class="mention hashtag" rel="nofollow noopener" target="_blank">#ipv6</a>

MarekVyOS 1.5 is somehow broken for me: Babel does not work at all (not even with the example from the documentation) and with BGP you cannot set a source address for installed routes (possible with route-map set src, but has no effect).The rolling release seems to be enormously rolling.<a href="https://layer8.space/tags/VyOS" class="mention hashtag" rel="nofollow noopener" target="_blank">#VyOS</a> <a href="https://layer8.space/tags/Babel" class="mention hashtag" rel="nofollow noopener" target="_blank">#Babel</a> <a href="https://layer8.space/tags/FRR" class="mention hashtag" rel="nofollow noopener" target="_blank">#FRR</a> <a href="https://layer8.space/tags/BGP" class="mention hashtag" rel="nofollow noopener" target="_blank">#BGP</a> <a href="https://layer8.space/tags/Networking" class="mention hashtag" rel="nofollow noopener" target="_blank">#Networking</a>

ItzTrainI'm trying to get <a href="https://hachyderm.io/tags/VyOS" class="mention hashtag" rel="nofollow noopener" target="_blank">#VyOS</a> dhcp across it's VRF's.. It doesn't seem to like it unless it's the default vrf, in which I do have services there.. I am running my own Kea dhcp server and that is pretty ehh.. getting dhcp lease information is cumbersome. So naturally i'm running 2.. for the vrf's that I can't use :) ..<a href="https://hachyderm.io/tags/homelab" class="mention hashtag" rel="nofollow noopener" target="_blank">#homelab</a> <a href="https://hachyderm.io/tags/selfhosted" class="mention hashtag" rel="nofollow noopener" target="_blank">#selfhosted</a> <a href="https://hachyderm.io/tags/selfhosting" class="mention hashtag" rel="nofollow noopener" target="_blank">#selfhosting</a>

ItzTrainAight!!! I did the VRF thing with <a href="https://hachyderm.io/tags/VyOS" class="mention hashtag" rel="nofollow noopener" target="_blank">#VyOS</a> with 1 vlan routing out a TMO secondary internet provider for just streaming stuff.. <a href="https://hachyderm.io/tags/dhcp" class="mention hashtag" rel="nofollow noopener" target="_blank">#dhcp</a> really gave me a run for my money and I couldn't it out trying to use the dhcp service on Vyos. So I'm just hosting my own now and... Yeah! It it works. I have been looking at the Cloud Gateway Max... Pro.. Mini...Biggie.. That looks like interesting to get into not managing my damn router any longer. <a href="https://hachyderm.io/tags/homelab" class="mention hashtag" rel="nofollow noopener" target="_blank">#homelab</a> <a href="https://hachyderm.io/tags/selfhosting" class="mention hashtag" rel="nofollow noopener" target="_blank">#selfhosting</a> <a href="https://hachyderm.io/tags/selfhosted" class="mention hashtag" rel="nofollow noopener" target="_blank">#selfhosted</a>

ItzTrainUh!! I'm probably moving to a batteries included router next.. Jesus christ! I don't know why I chose to move to VRF's on the router . I guess the big kids are doing it!! Now I can't get VRF's and the DHCP server to work on <a href="https://hachyderm.io/tags/VyOS" class="mention hashtag" rel="nofollow noopener" target="_blank">#VyOS</a> <a href="https://hachyderm.io/tags/homelab" class="mention hashtag" rel="nofollow noopener" target="_blank">#homelab</a> <a href="https://hachyderm.io/tags/selfhosted" class="mention hashtag" rel="nofollow noopener" target="_blank">#selfhosted</a> <a href="https://hachyderm.io/tags/selfhosting" class="mention hashtag" rel="nofollow noopener" target="_blank">#selfhosting</a>

M. Hamzah KhanSuper happy <a href="https://intahnet.co.uk/tags/Vyos" class="mention hashtag" rel="nofollow noopener" target="_blank">#Vyos</a> have announced Vyos Stream: <a href="https://blog.vyos.io/introducing-vyos-stream" rel="nofollow noopener" translate="no" target="_blank">https://blog.vyos.io/introducing-vyos-stream</a>Using the nightly builds isn't great if you want something stable. I had a few issues in the past where they changed how something worked or was configured and it broke.At the same time, the LTS version moves quite slowly. I get a bit of FOMO while running the LTS. 😅 Using Vyos Stream is a great middle ground. You get new features, with a reduced risk of things breaking in the following days build.

JanaThe change of <a href="https://social.jsteuernagel.de/tags/VyOS" class="mention hashtag" rel="nofollow noopener" target="_blank">#VyOS</a> not allowing just anyone to build ISOs anymore seems to be in effect now.I tried building a new ISO and got greeted with this error message:E: Failed to fetch <a href="http://dev.packages.vyos.net/repositories/sagitta/dists/sagitta/InRelease" rel="nofollow noopener" translate="no" target="_blank">http://dev.packages.vyos.net/repositories/sagitta/dists/sagitta/InRelease</a> 403 Forbidden [IP: 2606:4700::6812:1e4f 443]

JanaJust yesterday evening I was thinking why seemingly every project that I like has some drama at the moment.And now even <a href="https://social.jsteuernagel.de/tags/VyOS" class="mention hashtag" rel="nofollow noopener" target="_blank">#VyOS</a> decides to do a rug-pull of their build tools, just as I decided to double down on VyOS as my cloud router software...They say their rolling releases are stable and yes, they are pretty good, but I've had my setup break enough times, when I was on them, that I don't have enough trust in those anymore for critical stuff.<a href="https://blog.vyos.io/community-contributors-userbase-and-lts-builds" rel="nofollow noopener" translate="no" target="_blank">https://blog.vyos.io/community-contributors-userbase-and-lts-builds</a><a href="https://social.jsteuernagel.de/tags/homelab" class="mention hashtag" rel="nofollow noopener" target="_blank">#homelab</a> <a href="https://social.jsteuernagel.de/tags/networking" class="mention hashtag" rel="nofollow noopener" target="_blank">#networking</a>

Pete KeenMy <a href="https://hachyderm.io/tags/VyOS" class="mention hashtag" rel="nofollow noopener" target="_blank">#VyOS</a> router fell over and won't boot back up :(I activated the fallback plan to use the ISP modem (bleh ugh) and now their app is spamming me with push alerts about every single device joining the network.

Frühere Suchanfragen

Suchoptionen

Verwaltet von:

Serverstatistik:

#vyos